A UK view on Cyber, Information & IT Security by Security Expert Dave Whitelegg. Providing advice and explaining security for everyone, and also contemplating advanced themes and future trends in security.
With a focus on all the latest developments & issues within the UK Information Security space such as Hacking, DDoS, Botnets, Malware, Identity Theft, Data Protection (DPA) and regulatory compliance like PCI DSS & ISO27001:2013, all will be explained in an easy to understand way.

Wednesday, 27 April 2011

PlayStation Hack: PSN Gamers Security Help

On 20th April 2011, without announcement Sony took down their online gaming network, the PlayStation Network (PSN), which is used by millions of gamers worldwide. I immediately suspected it was hacked, and my fears were confirmed by Sony, who stated between April 17 and 19, they suffered an “illegal and unauthorised intrusion”. Sony also explained user account personal profile information ‘may’ have been compromised, which presents a major breach of personal information, a real gold mine of black market personal information for use by identity thieves and card fraudsters.

PSN Profile Information at Risk

Full Name

Full home address

Email Address

Date of Birth

PlayStation ID

PlayStation Password

PlayStation Security Questions & Answers (password reset)

Purchase History

Billing address

Credit Card Details

When a company uses the word “may” in reference to a data breach, it is always wise assume the information has been stolen and is in the hands of the bad guys.

PSN Gamers Security Advice

1.Once the PlayStation Network comes back online, the first thing you must do is not play CoD or FIFA, but change your PSN password straight away.

2.Pay extra attention to transaction activity on your credit card linked to your PSN account. With data breaches of this nature, credit card data is the quickest and so typically is the first piece of information fraudsters cash in on. If you have received an Email from Sony saying your account has been compromised, I suggest you play it safe, cancel and obtain a new credit card. If you do find the bad guys have been using your credit card, report it to your credit card company immediately, they will cancel your credit card and reissue you a new one, and you should be fully refunded against any of fraudulent transactions made.

3.Be on the lookout for Scam (phishing) Emails. By using your profile information, the bad guys can craft and send you fraudulent Emails which are highly personalised and so appear to be more genuine than normal spam Emails, this technique in the security business is known as Spear Phishing. For example they could use your full name and birth date to offer you a free birthday gift, perhaps a free PlayStation 3 game voucher, enticing you to click on a link to a website engineered to steal further credit card details. Always remember Phishing Emails have either a greed (i.e. you have won something or get something for free) or a fear element (i.e. your account security has been compromised), so do not implicitly trust any such Emails, even if they look like they come from Sony.

4.Passwords. If your PSN password is the same password as with any of your other online accounts, especially with your Email account or online bank accounts, assume that this password is compromised and change those passwords right now.

5.The potential compromise of your Security Questions, which are used to reset your password is particularly concerning, especially if you can’t remember what security questions Sony has used. Many of your other online accounts will use the same security questions and answers, and typically your date of birth to reset your account password. Most websites will Email that password reset confirmation to your registered Email address, so be vigilant for password reset Emails and if you use an online Email system like Gmail or Hotmail, ensure the password you use is a strong one and unique. As if the bad guys compromise that Email account, they can use password resets to compromise many of your other accounts.

7 comments:

Network security covers a variety of computer networks, both public and private, that are used in everyday jobs conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.Computer Repairs Melbourne

I like the valuable info you supply for your articles about buy facebook fans. I will bookmark your weblog and check once more right here frequently. I’m fairly certain I will be informed many new stuff proper right here! Best of luck for the next!tivi 3d

Support Bloggers Rights

About Me

ShareThis

Disclaimer

This is a personal website, all views or opinions represented in this blog are personal to Dave Whitelegg and guest bloggers that post, and do not represent the views or opinions of any business or organisation. All content provided on this blog is for informational purposes only. The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site. The owner will not be liable for any errors or omissions in this information nor for the availability of this information.

All original content copyright David Whitelegg 2007-2016. You may not use any original content with. Awesome Inc. theme. Powered by Blogger.